Quick Review: Boxee Box
Featured »
Quick Review: Boxee Box
December 27, 2011 – 12:22 am | 3 Comments

Some of the technical issues with Boxee Box could have been fixed if the dev team was paying more attention to addressing the bugs rather than adding “features” of dubious value. In the final analysis, for the price and ease of use, Boxee Box is the best in its class and price range. You just need to be mindful of its limitations and buy it in hope of future improvements to its usability.

Read the full story »
Networking

Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.

Applications

Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.

Data

Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.

Monitoring

Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Applications, Security

Distributed password cracking with Medussa

Submitted by on May 10, 2006 – 2:43 pmNo Comment
Distributed password cracking with Medussa

Medussa is a password cracking application that supports distributed processing. One node acts as the Medussa server and the rest of the nodes are running the client application. The server node, in addition to running decryption, also distributes the workload among all participating nodes. Below is brief installation and configuration manual for running Medussa under Linux.

Downloading Software

You can download Medussa source code from the developer’s site: http://www.bastard.net/~kos/medussa/

Save the medussa-0.8.tar.gz to /opt/medussa

cd /opt/medussa
gzip -d medussa-0.8.tar.gz
tar xvf medussa-0.8.tar.gz
cd /opt/medussa/medussa-0.8

Installing Server

To compile Medussa you will need the current version of gcc compiler. From /opt/medussa/medussa-0.8 do the following:

./configure
./make
./make install

Configuring Server

In /opt/medussa/medussa-0.8 create a hidden file called .medussarc. The file should contain the following:

#
# Basics
#
verbose 1
adminpassword your_pass
motd Medussa

Set permissions on .medussarc to 700.

Create a file /etc/init.d/medussa with the following contents:

#!/bin/bash
ps -ef | egrep "medussa|tentacle" | egrep -v egrep | awk '{print $2}' | while read PID
do
        kill -9 $PID
done
cd /opt/medussa/medussa-0.8/
/usr/local/bin/medussa -d -f .medussarc
/usr/local/bin/tentacle -v0 &

Medussa will only read the .medussarc file from the current working directory, so it’s important to cd to where this file is located rather than provide the full path to the file.

Set permissions:

chmod 755 /etc/init.d/medussa

Run /etc/init.d/medussa This will start Medussa server and a single client thread.

Installing Client

On each client node run the following script to download the source tarball from the server node, untar, compile, install, add startup scripts, and run. Substitute “head_node” and “root_pass” with the name of your Medussa server and the root password on that server.

#!/bin/bash
 
MSERVER="head_node"
FTPUSER="root"
FTPPASS="root_pass"
HOMEDIR="/opt/medussa"
TARBALL="medussa-0.8.tar"
 
if [ ! -d $HOMEDIR ]
then
	mkdir $HOMEDIR
	chmod 700 $HOMEDIR
else
	echo "Directory $HOMEDIR already exists. Exiting..."
	exit 1
fi
 
ftp -in $MSERVER << END
user $FTPUSER $FTPPASS
cd /opt/medussa
lcd /opt/medussa
get medussa-0.8.tar
END
 
cd "$HOMEDIR"
tar xvf "$TARBALL"
rm "$TARBALL"
cd *
./configure
make
make install
 
echo "/usr/local/bin/tentacle -v0 -s $MSERVER &" > /etc/init.d/tentacle
chmod 755 /etc/init.d/tentacle
 
/etc/init.d/tentacle

Example cracking session

On the Medussa server type mecon to access the Medussa console and enter commands as shown to crack a single Unix password hash.

[root@medussa]# mecon
mecon> o
Implementation 0.8 [i686-pc-linux-gnu], ready and willing
mecon@localhost>admin your_pass
mecon@localhost>add hash username1 unixcrypt vvme8ohnOyMOI
mecon@localhost>add schedule username1 bruteforce poss=abcdefghijklmnopqrstuvwxyz1234567890,maxlen=7
mecon@localhost>show nodes
node                   cps       start time       total time   current slice
medussa2          R 70000    2006/05/10 13:52  0:00:00:01   210000:1210000
medussa3          R 70000    2006/05/10 13:52  0:00:00:01   1210000:2210000
medussa4          R 70000    2006/05/10 13:52  0:00:00:01   2700000:3700000
medussa5          R 70000    2006/05/10 13:52  0:00:00:01   3770000:4770000
medussa6          R 70000    2006/05/10 13:52  0:00:00:01   4770000:5770000
mecon@localhost>stat
eta: 0:13:49:17
percent: 0.055
totalcps: 1619045

Popularity: 6% [?]

No related posts.

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.